HCoop / hcoop / zz_old / debian / webalizer.git / blame
| Commit | Line | Data |
|---|---|---|
| dc9c5d88 FAW |
1 | From: Julien Viard de Galbert <julien@vdg.blogsite.org> |
| 2 | Date: Tue, 23 Nov 2010 23:29:54 +0100 | |
| 3 | Subject: Solve a symlink vulnerability | |
| 4 | ||
| 5 | In the same spirit as previous 08_symlink_vulnerability patch for #359745 | |
| 6 | The .htaccess file creation did not test the symlink. | |
| 7 | ||
| 8 | Index: webalizer/output.c | |
| 9 | =================================================================== | |
| 10 | --- webalizer.orig/output.c 2010-11-24 14:34:36.000000000 +0100 | |
| 11 | +++ webalizer/output.c 2010-11-24 14:36:56.000000000 +0100 | |
| 12 | @@ -2408,6 +2408,21 @@ | |
| 13 | /* .htaccess file needed? */ | |
| 14 | if (htaccess) | |
| 15 | { | |
| 16 | + struct stat out_stat; | |
| 17 | + | |
| 18 | + /* stat the file */ | |
| 19 | + if ( !(lstat(".htaccess", &out_stat)) ) | |
| 20 | + { | |
| 21 | + /* check if the file a symlink */ | |
| 22 | + if ( S_ISLNK(out_stat.st_mode) ) | |
| 23 | + { | |
| 24 | + if (verbose) | |
| 25 | + fprintf(stderr,"%s %s (symlink)\n",msg_no_open,".htaccess"); | |
| 26 | + return NULL; | |
| 27 | + } | |
| 28 | + } | |
| 29 | + | |
| 30 | + /* open the file... */ | |
| 31 | if ((out_fp=fopen(".htaccess","wx")) != NULL) | |
| 32 | { | |
| 33 | fprintf(out_fp,"DirectoryIndex %s\n",index_fname); |